<?php
	
	class LoginClass{
		private $db;
		private $xss;
		
		function LoginClass() {
			$this->db = DBhandler::getInst();
			$this->xss = new XSSClass();
			
			//print_r($args);
			if (isset($args['loginName'])) {
				$this->loginName = $args['loginName'];
			}
			if (isset($args['loginPassword'])) {
				$this->password = $args['loginPassword'];
			}
			if (isset($args['id'])) {
				$this->id = $args['id'];
			}
			if (isset($args['sesid'])) {
				$this->sesid = $args['sesid'];
			}
		}
		
		function logout() {
			$sesid = $this->sesid;
			$id = $this->id;
			
			session_id($sesid);
			session_start();
			$_SESSION = array();
			if (isset($_COOKIE[session_name()])) {
				setcookie(session_name(), '', time()-42000, '/');
			}
			echo true;
			return session_destroy();
		}
		
		function login() {
			$db = $this->db;
			$loginName = $this->loginName;
			$password = $this->password;
			
			$sql = "select
								passwd, 
								real_name as realName, 
								id
							from
								users
							where
								login_name = '$loginName'";
			
			$sth = $db->execute($sql);
			//var_dump($sth);
			$sth = $db->fetchRows($sth);
			if (($sth) && ($sth['passwd'] == $password)) {
				session_start();
				//session_regenerate_id();
				$sesid = session_id();
				$userInfo = array(
													"result" => true,
													'realName' => $sth['realName'], 
													"sesid" => $sesid, 
													"userName" => $loginName,
													"usrId" => $sth['id'],
													"pass" => $sth['passwd']
													);
				$userInfo = json_encode($userInfo);
				$_SESSION['usrId'] = $sth['id'];
				
				$languageId = $_POST['languageId'];
				$sql = "update
									users
								set
									languages_id = '$languageId'
								where
									id = '".$sth['id']."'";
				$res = $db->execute($sql);
				
				echo $userInfo;
				
				return true;
			}
			else {
					$userInfo = array("result" => false);
					$userInfo = json_encode($userInfo);
					echo $userInfo;
					
					return false;
			}
		}
		
		function newPassword() {
			$db = $this->db;
			$loginName = $this->loginName;
			
			$newPassword = $db->createUniqueId(6);
			$md5password = md5($newPassword);
			
			$sql = "select 
								email,
								languages_id as lid
							from 
								users 
							where 
								login_name = '$loginName'";
			
			if (!$sth = $db->execute($sql)) {
				echo false;
				
				return false;
			}
			$res = $db->fetchRows($sth);
			$email = $res['email'];
			$languageId = $res['lid'];
			
			$sql = "update users set passwd = '$md5password' where login_name = '$loginName'";
			
			if (!$db->execute($sql)) {
				echo false;
				
				return false;
			}
			
			$langSql = "
				select
					(select l.value from language_pack as l where l.languages_id = '$languageId' and l.name='newPasswordMailTitle') as newPasswordMailTitle,
					(select l.value from language_pack as l where l.languages_id = '$languageId' and l.name='newPasswordMailHeader') as newPasswordMailHeader,
					(select l.value from language_pack as l where l.languages_id = '$languageId' and l.name='newPasswordMailPassword') as newPasswordMailPassword,
					(select l.value from language_pack as l where l.languages_id = '$languageId' and l.name='newPasswordMailFooter') as newPasswordMailFooter
				from
					language_pack
				limit
					0,1
			";
			
			$res = $db->execute($langSql);
			$lang = $db->fetchRow($res);
			
			$message = 
				'<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" >
				<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="cs" lang="cs">
					<head>
						<meta http-equiv="content-type" content="text/html; charset=utf-8" />
						<title>'.$lang['newPasswordMailTitle'].'</title>
					</head>
					<body>
						<br />
						<h3>'.$lang['newPasswordMailHeader'].'</h3>
						<b>'.$lang['newPasswordMailPassword'].'</b>'.$newPassword.'<br />'.
						'<h1>'.$lang['newPasswordMailFooter'].'</h1><br />
					</body>
				</html>';
			
			$from = 'web2COLLit';
			$headers  = "From: $from <web2collit@nanetu.eu>\n";
			$headers .= "Content-type: text/html; charset=utf-8";
			
			if (mail($email,$lang['newPasswordMailTitle'],$message,$headers)) {
				echo true;
				
				return true;
			}
			else {
				echo false;
				
				return false;
			}
			
		}
	}
?>
